feat: throw error 403 if creds incorrect
This commit is contained in:
parent
a8f6b30f1f
commit
63d7c0c53a
|
@ -9,6 +9,7 @@ import javax.persistence.TypedQuery;
|
|||
import javax.persistence.NoResultException;
|
||||
import javax.ws.rs.Consumes;
|
||||
import javax.ws.rs.CookieParam;
|
||||
import javax.ws.rs.ForbiddenException;
|
||||
import javax.ws.rs.GET;
|
||||
import javax.ws.rs.NotFoundException;
|
||||
import javax.ws.rs.POST;
|
||||
|
@ -99,9 +100,8 @@ public class UserService {
|
|||
try {
|
||||
// si on trouve l'utilisateur via son sessionID
|
||||
user = User.fromSessionID(cookie.getValue(), em);
|
||||
|
||||
LOGGER.info(user.getUsername() + " already logged in");
|
||||
// TODO: renvoyer un json avec les creds
|
||||
|
||||
} catch (NoResultException e) {
|
||||
// on trouve le user à partir de son username
|
||||
user = em.find(User.class, username);
|
||||
|
@ -117,6 +117,7 @@ public class UserService {
|
|||
LOGGER.info(user.getUsername() + " logged in");
|
||||
} else {
|
||||
LOGGER.info("incorrect creds for " + user.getUsername());
|
||||
throw new ForbiddenException();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue